Setting SSH2 algorithm preferences

The SSH protocol secures data in transit through the exchange of a secure secret which is then used to create keys which are used to encrypt and authenticate each message sent by the client or server. All algorithms are identified by a unique name and each side declares to the other which algorithms it supports during the key exchange process.

Each side declares their supported algorithms for each type of cryptographic component in a list ordered by preference. During key exchange the client list is iterated over from most preferred to least, and the first available algorithm supported by the server is selected.

In practice this means that as long as the server supports the client's preferred algorithm for a given component, this will be selected and used.

Getting the Ssh2Context

In order to configure J2SSH Maverick with your algorithm preferences you need to get hold of the Ssh2Context instance of the SshConnector. The following code will achieve this:

Ciphers

Once key exchange has completed and the secret established, a set of keys are created that are used to encrypt/decrypt the stream of data passing over the SSH connection. A separate key and algorithm preference is set for data travelling client->server and another for server->client data.